This topic explains how to manually suppress Parasoft findings in source code or in a suppression file. See Suppressing Findings in the GUI for information about suppressing findings using the UI of your IDE.
Introduction
You can prevent C/C++test from reporting specific static analysis findings by defining suppressions. Suppressions are useful when you generally follow a rule, but decide to ignore specific occurrences of the reported finding. If you do not want to receive findings for any violations of a specific rule, disable the rule in the test configuration.
Defining Suppressions in Source Code
Suppression schemes can be defined in the source code with the syntax specified below
Line Suppression
<suppression keyword> [<rule category> | <rule category> . <rule id> | <rule category > - <rule severity> | ALL ] <suppression comment>
Examples
// parasoft-suppress CODSTA "suppress all rules in category CODSTA" // parasoft-suppress CODSTA.NEA "suppress rule CODSTA.NEA" // parasoft-suppress CODSTA-1 "suppress all rules in category CODSTA with severity level 1" // parasoft-suppress ALL "suppress all rules" // parasoft-suppress CODSTA FORMAT.MCH JAVADOC-3 "suppress all rules in category CODSTA and rule FORMAT.MCH and all rules in category JAVADOC with severity level 3"
Block Suppression
<begin suppression keyword> [<rule category> | <rule category> . <rule id> | <rule category > - <rule severity> | ALL ] <suppression comment> ..... source code block ..... <end suppression keyword> [<rule category> | <rule category> . <rule id> | <rule category > - <rule severity> | ALL ] <suppression comment>
Examples
// parasoft-begin-suppress CODSTA "begin suppress all rules in category CODSTA" ..... // parasoft-end-suppress CODSTA "end suppress all rules in category CODSTA" // parasoft-begin-suppress CODSTA.NEA "begin suppress rule CODSTA.NEA" ..... // parasoft-end-suppress CODSTA.NEA "end suppress rule CODSTA.NEA" // parasoft-begin-suppress CODSTA-1 "begin suppress all rules in category CODSTA with severity level 1" ...... // parasoft-end-suppress CODSTA-1 "end suppress all rules in category CODSTA with severity level 1" //parasoft-begin-suppress ALL "begin suppress all rules" ..... // parasoft-end-suppress ALL "end suppress all rules" // parasoft-begin-suppress CODSTA FORMAT.MCH "begin suppress all rules in category CODSTA and rule FORMAT.MCH" ..... // parasoft-end-suppress CODSTA FORMAT.MCH "end suppress all rules in category CODSTA and rule FORMAT.MCH" // parasoft-begin-suppress CODSTA "begin suppress all rules in category CODSTA" ..... // parasoft-end-suppress CODSTA-1 "end suppress all rules in category CODSTA with severity level 1; however rules with severity level 2-5 in category CODSTA are still suppressed." ..... // parasoft-end-suppress CODSTA "end suppress all rules in category CODSTA" // parasoft-begin-suppress ALL "begin suppress all rules" ..... // parasoft-end-suppress CODSTA FORMAT-1 "end suppress all rules in category CODSTA and all rules in category FORMAT with severity level 1; however, others rules in CODSTA and FORMAT-1 are still suppressed." ..... // parasoft-end-suppress ALL "end suppress all rules" //parasoft-begin-suppress ALL "begin suppress all rules, since no end suppression comment, all rules will be suppressed starting from this line"
Defining Suppressions in Suppression Files
You can suppress the reporting of selected findings by creating parasoft.suppress files that specify the attributes of findings you want to suppress. A suppression file should be located in the same directory as the source file that contains the findings.
We recommend that suppression files be checked in your source control system. This allows you to share information about suppressions with other team members and easily review the suppressions on a branch in your SCM repository before merging the code into the main stream of development, such as "master", "trunk", etc.
Use the following format to add suppression entries to parasoft.suppress files:
suppression-begin file: Account.cpp (required) line: 12 (optional) rule-id: CODSTA-123 (optional) message: Exact violation message (optional) reason: Approved (optional) author: devel (optional) date: 2020-09-21 (optional) suppression-end
Example
At a minimum, you must specify the source file where the problem was detected. This will suppress all findings reported for the specified file. In the following example, all findings detected in the Account file will be suppressed:
suppression-begin file: Account.cpp reason: false positive suppression-end
suppression-begin file: Account.cpp rule-id: PB.TYPO.TLS suppression-end
Notes on Attributes
- It is a good practice to specify the reason for suppression.
- The
line
attribute should be used with caution as it may invalidate the suppression if the code is moved to another line when the source file is modified.
Defining Line Suppressions Based on Regex Patterns
You can configure C/C++test to automatically suppress static rule violations that are detected on lines that match a regular expression pattern. This may be useful when you want to suppress findings that are difficult to suppress using the in-line or in-code suppressions, such as Qt macros.
You can specify the regex patterns by the configuring the following options in your .properties file or in the command line (see Configuration Overview):
cpptest.result.line.suppressions.enabled=true // Enables creating regex-based suppressions. cpptest.result.line.suppressions.pattern=[regex;regex] // Specifies a semicolon-separated list of regex patterns.
Static rule violations that occur on lines that match the configured regex pattern(s) will be suppressed. For example, the following configuration will suppresses all findings detected on code lines that contain "Q_" anywhere on the line:
cpptest.result.line.suppressions.enabled=true cpptest.result.line.suppressions.pattern=.*Q_.*